<?php
	include_once("./commonality.php");

	function msg($msg, $url=''){
		if($url == ''){
			$ad = "window.history.go(-1)";
		}else{
			$ad = "window.location.href='{$url}'";
		}
		exit("<script>alert('{$msg}');{$ad};</script>");
	}
error_reporting(E_ALL^E_NOTICE^E_WARNING);
date_default_timezone_set("PRC");
session_start();
echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />';
		
		if(isset($_POST['sub'])){
			$account=trim($_POST['account']);
			$pwd=md5(trim($_POST['pwd']));
			//print_r($_POST);exit;
			if($account!=""){
				 $sel="select * from user where uname='$account'";
					$ine=mysql_query($sel);
					$ss1=mysql_fetch_assoc($ine);
					if($account!=$ss1['uname']){
						msg("用户名不存在请注册","register3.php");
						exit;
					}
					if(mysql_num_rows($ine)>0){
						if($pwd!=""){
							$ser="select * from user where upassword='$pwd' and uname='$account'";
							$lne=mysql_query($ser);
							$ss=mysql_fetch_assoc($lne);
							if($pwd!=$ss['upassword']){
								msg("密码错误","register1.php");
								exit;
							}
							$ser="select * from user where upassword='$pwd' and uname='$account'";
							$lne=mysql_query($ser);
							$uarr=mysql_fetch_assoc($lne);

							if(mysql_num_rows($lne)>0){							
							if($uarr['utype']==1){	
								$_SESSION["account"]=$account;
								$_SESSION["uid"]=$uarr['uid'];
								$_SESSION['touxiang']=$uarr['touxiang'];				
								tankuang("登录成功","./index.php");
								}else{
									tankuang("此用户被禁用","./register1.php");
								}
							}else{
								tankuang("密码不能为空","./register1.php");
								//tankuang("用户名不存在请注册","./register3.php");
							}
						}else{
							tankuang("密码不能为空请输入","./register1.php");
						}
					}
			}else{
				tankuang("用户名不能为空请输入","./register1.php");
			}
		}



?>